./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1009453992 <...> Warning: Permanently added '10.128.0.122' (ECDSA) to the list of known hosts. execve("./syz-executor1009453992", ["./syz-executor1009453992"], 0x7ffc02144f30 /* 10 vars */) = 0 brk(NULL) = 0x555555ae5000 brk(0x555555ae5c40) = 0x555555ae5c40 arch_prctl(ARCH_SET_FS, 0x555555ae5300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1009453992", 4096) = 28 brk(0x555555b06c40) = 0x555555b06c40 brk(0x555555b07000) = 0x555555b07000 mprotect(0x7f880c0d3000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/raw-gadget", O_RDWR) = 3 ioctl(3, USB_RAW_IOCTL_INIT, 0x7ffdfd078cc0) = 0 ioctl(3, UI_DEV_CREATE or USB_RAW_IOCTL_RUN, 0) = 0 ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdfd078cc0) = 0 ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdfd078cc0) = 0 ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdfd077cb0) = 18 syzkaller login: [ 49.095388][ T22] usb 1-1: new high-speed USB device number 2 using dummy_hcd ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdfd078cc0) = 0 ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdfd077cb0) = 18 ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdfd078cc0) = 0 ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdfd077cb0) = 9 ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdfd078cc0) = 0 ioctl(3, USB_RAW_IOCTL_EP0_WRITE, 0x7ffdfd077cb0) = 27 ioctl(3, USB_RAW_IOCTL_EVENT_FETCH, 0x7ffdfd078cc0) = 0 ioctl(3, USB_RAW_IOCTL_VBUS_DRAW, 0) = 0 ioctl(3, USB_RAW_IOCTL_CONFIGURE, 0) = 0 ioctl(3, USB_RAW_IOCTL_EP_ENABLE, 0x7f880c0d93ac) = 10 ioctl(3, USB_RAW_IOCTL_EP0_READ, 0x7ffdfd077cb0) = 0 [ 49.456172][ T22] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 49.465428][ T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 49.476172][ T22] usb 1-1: config 0 descriptor?? ioctl(3, USB_RAW_IOCTL_EP_WRITE, 0x7ffdfd078d00) = 16 [ 49.736294][ T26] ------------[ cut here ]------------ [ 49.741874][ T26] WARNING: CPU: 1 PID: 26 at drivers/net/wireless/ath/ath6kl/htc_pipe.c:963 ath6kl_htc_pipe_rx_complete+0xde9/0xfd0 [ 49.754142][ T26] Modules linked in: [ 49.758191][ T26] CPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 5.18.0-rc7-syzkaller #0 [ 49.766469][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.776568][ T26] Workqueue: events ath6kl_usb_io_comp_work [ 49.782453][ T26] RIP: 0010:ath6kl_htc_pipe_rx_complete+0xde9/0xfd0 [ 49.789071][ T26] Code: 0f 85 fc 01 00 00 89 d8 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 25 a8 de fb 0f 0b bb ea ff ff ff eb ac e8 17 a8 de fb <0f> 0b 48 c7 c7 60 97 23 8b 31 c0 e8 37 49 fe ff bb ea ff ff ff eb [ 49.808738][ T26] RSP: 0018:ffffc90000a1fa80 EFLAGS: 00010293 [ 49.814792][ T26] RAX: ffffffff85a76ce9 RBX: ffff888073ef0ed0 RCX: ffff888016291d80 [ 49.822801][ T26] RDX: 0000000000000000 RSI: ffff8880244d1c80 RDI: ffff888073ef0e60 [ 49.830823][ T26] RBP: ffffc90000a1fbd0 R08: ffffffff85ad3177 R09: fffffbfff1f64412 [ 49.838847][ T26] R10: fffffbfff1f64412 R11: 1ffffffff1f64411 R12: 1ffff92000143f68 [ 49.846889][ T26] R13: ffff88807407eca0 R14: 0000000000000000 R15: dffffc0000000000 [ 49.854861][ T26] FS: 0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 [ 49.863881][ T26] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 49.870504][ T26] CR2: 000055e2235f7360 CR3: 0000000024e94000 CR4: 00000000003506e0 [ 49.878521][ T26] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 exit_group(0) = ? +++ exited with 0 +++ [ 49